FedRAMP

The Federal Risk and Authorization Management Program (FedRAMP) is a US government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. Any cloud services that hold federal data must be FedRAMP Authorized and FedRAMP prescribes the security requirements and process cloud service providers must follow in order for the government to use their service. FedRAMP's security baselines are derived from NIST SP 800-53 with a set of control enhancements that pertain to the unique security requirements of cloud computing.